VIR Vulnerability Intelligence Relay

Search

Found 284 results in 64ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2013-4931 medium 5.0 FIX debian debian wireshark 13y ago epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR disse…
CVE-2013-4930 medium 5.0 FIX debian debian wireshark 13y ago The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before …
CVE-2013-4926 medium 5.0 FIX debian debian wireshark 13y ago epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly determine whether there is remaining packet data to process, which allo…
CVE-2013-4925 medium 5.0 FIX debian debian wireshark 13y ago Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (asserti…
CVE-2013-4924 medium 5.0 FIX debian debian wireshark 13y ago epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly validate certain index values, which allows remote attackers to cause a…
CVE-2013-4923 medium 5.0 FIX debian debian wireshark 13y ago Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers …
CVE-2013-4922 medium 5.0 FIX debian debian wireshark 13y ago Double free vulnerability in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows rem…
CVE-2013-4921 medium 5.0 FIX debian debian wireshark 13y ago Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial …
CVE-2013-4920 medium 5.0 FIX debian debian wireshark 13y ago The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2013-4083 medium 5.0 FIX debian debian wireshark 13y ago The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length va…
CVE-2013-4082 medium 5.0 FIX debian debiansuse suse wireshark 13y ago The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows…
CVE-2013-4081 medium 5.0 FIX debian debiansuse suse wireshark 13y ago The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursi…
CVE-2013-4080 medium 5.0 FIX debian debian wireshark 13y ago The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, whi…
CVE-2013-4079 medium 5.0 FIX suse susedebian debian wireshark 13y ago The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loo…
CVE-2013-4078 medium 5.0 FIX debian debiansuse suse wireshark 13y ago epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial …
CVE-2013-4077 medium 5.0 FIX debian debiansuse suse wireshark 13y ago Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-n…
CVE-2013-4076 medium 5.0 FIX debian debiansuse suse wireshark 13y ago Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (applica…
CVE-2013-4075 medium 5.0 FIX debian debiansuse suse wireshark 13y ago epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (applica…
CVE-2013-4074 medium 6.0 EXPFIX debian debiansuse suse wireshark 13y ago The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an er…
CVE-2013-3562 medium 5.0 FIX debian debiansuse suse wireshark 13y ago Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a deni…
CVE-2013-3560 medium 5.0 FIX debian debiansuse suse wireshark 13y ago The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attacke…
CVE-2013-3559 medium 5.0 FIX debian debiansuse suse wireshark 13y ago epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer over…
CVE-2013-3558 medium 5.0 FIX debian debiansuse suse wireshark 13y ago The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cau…
CVE-2013-3557 medium 5.0 FIX debian debiansuse suse wireshark 13y ago The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, whi…
CVE-2013-3556 medium 5.0 FIX debian debiansuse suse wireshark 13y ago The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers…
CVE-2013-3555 medium 5.0 FIX debian debiansuse suse wireshark 13y ago epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial…
CVE-2013-2488 medium 5.0 FIX suse susedebian debian wireshark 13y ago The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a…
CVE-2013-2486 medium 6.1 FIX suse susedebian debian wireshark 13y ago The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data …
CVE-2013-2485 medium 6.1 FIX suse susedebian debian wireshark 13y ago The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
CVE-2013-2482 medium 6.1 FIX suse susedebian debian wireshark 13y ago The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
CVE-2013-2476 medium 6.1 FIX suse susedebian debian wireshark 13y ago The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a pack…
CVE-2012-6062 medium 5.0 FIX debian debian wireshark 14y ago The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infi…
CVE-2012-6061 medium 5.0 FIX debian debian wireshark 14y ago The dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data type for a certain length field, wh…
CVE-2012-6060 medium 5.0 FIX debian debian wireshark 14y ago Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a …
CVE-2012-6059 medium 5.0 FIX debian debian wireshark 14y ago The dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data structure to determine IKEv2 decr…
CVE-2012-6058 medium 5.0 FIX debian debian wireshark 14y ago Integer overflow in the dissect_icmpv6 function in epan/dissectors/packet-icmpv6.c in the ICMPv6 dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a d…
CVE-2012-6057 medium 5.0 FIX debian debian wireshark 14y ago The dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp.c in the EIGRP dissector in Wireshark 1.8.x before 1.8.4 uses the wrong data type for a certain offset value, which allows remot…
CVE-2012-6056 medium 5.0 FIX debian debian wireshark 14y ago Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infini…
CVE-2012-6055 medium 5.0 FIX debian debian wireshark 14y ago epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a zero value in a sub-type length f…
CVE-2012-6054 medium 5.0 FIX debian debian wireshark 14y ago The dissect_sflow_245_address_type function in epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x before 1.8.4 does not properly handle length calculations for an invalid IP add…
CVE-2012-6053 medium 5.0 FIX debian debian wireshark 14y ago epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause…
CVE-2012-6052 medium 5.0 FIX debian debian wireshark 14y ago Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain sensitive hostname information by reading pcap-ng files.
CVE-2012-5240 medium 5.8 FIX debian debian wireshark 14y ago Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application cras…
CVE-2012-3548 medium 4.3 FIX debian debian wireshark 14y ago The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consum…
CVE-2012-4298 medium 5.4 FIX debian debian wireshark 14y ago Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execut…
CVE-2012-4294 medium 5.8 FIX debian debian wireshark 14y ago Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code…
CVE-2012-4287 medium 5.0 FIX debian debian wireshark 14y ago epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON do…
CVE-2012-4286 medium 4.3 FIX debian debian wireshark 14y ago The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero…
CVE-2012-1596 medium 5.0 FIX debian debian wireshark 14y ago The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial o…
CVE-2012-1595 medium 4.3 FIX debian debian wireshark 14y ago The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a…
CVE-2012-0068 medium 4.3 FIX debian debian wireshark 14y ago The lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a Novell captur…
CVE-2012-0067 medium 5.3 EXPFIX rheldebian debian wireshark 14y ago wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file.
CVE-2012-0066 medium 4.3 FIX rheldebian debian wireshark 14y ago Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a (1) Accellent 5Views (aka .5vw) file, (2) I4B trac…
CVE-2012-0043 medium 5.8 FIX debian debian wireshark 14y ago Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a deni…
CVE-2012-0041 medium 4.3 FIX rheldebian debian wireshark 14y ago The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a ca…
CVE-2011-4102 medium 4.3 FIX debian debian wireshark 15y ago Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of…
CVE-2011-4101 medium 4.3 FIX debian debian wireshark 15y ago The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a de…
CVE-2011-4100 medium 4.3 FIX debian debian wireshark 15y ago The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.3 does not initialize a certain variable, which allows remote attackers to cause …
CVE-2011-3484 medium 4.3 FIX debian debian wireshark 15y ago The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attacke…
CVE-2011-3483 medium 5.3 EXPFIX debian debian wireshark 15y ago Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception…
CVE-2011-3482 medium 4.3 FIX debian debian wireshark 15y ago The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.2 does not initialize a certain structure member, which allows remote attackers t…
CVE-2011-2698 medium 4.3 FIX debian debian wireshark 15y ago Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause …
CVE-2011-2597 medium 4.3 FIX debian debian wireshark 15y ago The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets.
CVE-2011-2175 medium 4.3 FIX debian debian wireshark 15y ago Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via …
CVE-2011-2174 medium 4.3 FIX debian debian wireshark 15y ago Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application cra…
CVE-2011-1959 medium 4.3 FIX debian debian wireshark 15y ago The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a den…
CVE-2011-1958 medium 4.3 FIX debian debian wireshark 15y ago Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter diction…
CVE-2011-1957 medium 4.3 FIX debian debian wireshark 15y ago The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infi…
CVE-2011-1956 medium 5.3 EXPFIX debian debian wireshark 15y ago The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbi…
CVE-2011-1592 medium 4.3 FIX debian debian wireshark 15y ago The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to…
CVE-2011-1590 medium 4.3 FIX debian debian wireshark 15y ago The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (applic…
CVE-2011-1143 medium 5.3 EXPFIX debian debian wireshark 16y ago epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted…
CVE-2011-1141 medium 4.3 FIX debian debian wireshark 16y ago epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter st…
CVE-2011-1140 medium 5.3 EXPFIX debian debian wireshark 16y ago Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote atta…
CVE-2011-1139 medium 4.3 FIX debian debian wireshark 16y ago wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-len…
CVE-2011-1138 medium 4.3 FIX debian debian wireshark 16y ago Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash)…
CVE-2011-0713 medium 6.8 FIX debian debian wireshark 16y ago Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have u…
CVE-2011-0538 medium 7.8 EXPFIX debian debian wireshark 16y ago Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial …
CVE-2011-0445 medium 5.0 FIX debian debian wireshark 16y ago The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap.
CVE-2010-4301 medium 6.0 EXPFIX debian debian wireshark 16y ago epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related t…
CVE-2010-3445 medium 5.0 FIX debian debian wireshark 16y ago Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attacker…
CVE-2010-2993 medium 5.0 FIX debian debian wireshark 16y ago The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
CVE-2010-2992 medium 5.0 FIX debian debian wireshark 16y ago packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference.
CVE-2010-1455 medium 4.3 FIX debian debian ethereal_groupwireshark 16y ago The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.